This time however, Kaspersky Labs believes it has uncovered the first known targeted malware attack on the Android platform. In this case, the targeted victims were Tibetan activists, but now we can see how such an attack might play out again.

Like many virus and malware attacks, this one started with an email that used social engineering and verbal manipulation. The hackers were able to access a high-profile Tibetan activist’s email and use that to send out the infected message to everyone in the contact list. Rather than being a poorly worded email promising riches from an abandoned bank account in North Africa, the message was carefully worded and designed to evoke action by the reader, in this case, a reference to an attached file with an ".apk" extension.

APK is an Android Package file and once the user opened it, an application called “Conference” would install itself on the device. The user would open the app and see a less carefully worded message which would serve as a distraction while the malware would scour contacts on the device and SIM card, copy call logs, SMS messages, geo-location, and other data about the device.

As the targets were Tibetan activists, it does not take a giant leap to think that the hackers involved were from China. Kaspersky believes attacks like this will evolve and adapt to take advantage of future vulnerabilities.

In the meantime, the same no-nonsense rules apply to email and attachments. If you do not recognize the file extension or the message is unexpected, use a bit of scrutiny before blindly clicking on a link or attachment.

Display mode:

you call malware a typical app installed by user after approval of contacts or sms access? Than every app must be malware according to this logic :)
I think this is more dangerous:
"40% of iOS popular apps invade your privacy without any permission"
"Apple iOS Apps Leak More Personal Info Than Android"
"Apple lets kids easily spend parents' money, beware = easy to abuse your iDevices; very probably intention of Apple to spend your money by mistake"

we, Androids, know what we install, with iConboard you simply don't know anything :)
so logic says me that we dont need any anti-malware when we approve any app...if you dont want malware, dont install it, its called freedom :)

I support you. The naive people are the ones that trust everything they see posted on the internet. People should be more cautious and inform themselves. However this attack was not a simple 12-year-old wanting to steal a credit card number but a well-orchestrated plan with a specific agenda.

So I'm naive because I've just been given refund for app I didn't like and didn't accepted a new permission they required because of its new update? Now you can see that you are 12 years old boy ;-)
This is called freedom and responsibility..... With iOS you have no freedom and you are a limited kid for Apple..... what's worse you are not safer with stealing iOS apps ;-)

With android is almost perfect, when you don't accept permission an app requires don't install unlike limited iConboard :-)
It's called freedom and in freedom you have to behave responsibly unlike kids with iConboards :-)

"the targeted victims are Tibetan activists" ---> then it's easy to see this is an act of the f**king communist party from China ... they will sure later deny and say ppl made this up to make China look bad ...

Android does not allow the installation of apps not downloaded from the market unless you specifically enable it, and if you enable it Android would ask for a confirmation with a dialog box anyway. Besides, if you allowed downloaded apps installation, you would surely know that you don't have to install an apk you received in an email from an unknown source.
And anyway you would be notified of the permissions required by the app.
So I don't see a real security threat here, wether you're a beginner or an advanced user.
Anyway, it's a measure of Android's popularity, though it is a poor attempt. :)

All content (phone reviews, news, specs, info), design and layouts are Copyright 2001-2016 phoneArena.com. All rights reserved. Reproduction in whole or in part or in any form or medium without written permission is prohibited! Privacy . Terms of use . Cookies . Team